条纹 webhook 错误 "No signatures found matching the expected signature for payload"
Stripe webhooks error "No signatures found matching the expected signature for payload"
被这个错误困扰了一段时间,我已经按照 github 上的 stripes 文档和 express 示例进行了操作,但仍然没有成功。
我在 Firebase 函数中使用 express:
export const app = express();
/* -------------------------------------------------------------------------- */
/* Middleware */
/* -------------------------------------------------------------------------- */
app.use(cors({ origin: true }));
app.use(favicon(__dirname + '/public/favicon.ico'));
app.use(helmet());
app.use(
(
req: express.Request,
res: express.Response,
next: express.NextFunction
): void => {
functions.logger.log('ORIGINAL URL:', req.originalUrl);
if (req.originalUrl === '/stripe/webhooks/account/update') {
functions.logger.log('THIS IS THE WEBHOOK, USING RAW');
next();
} else {
express.json({ strict: false })(req, res, next);
}
}
);
// #####################################################################
app.post(
'/stripe/webhooks/account/update',
express.raw({ type: 'application/json' }),
(req: express.Request, res: express.Response): void => {
functions.logger.log('IN STRIPE ACCOUNT UPDATE WEBHOOK');
const sig = req.headers['stripe-signature'];
let event: Stripe.Event;
try {
event = stripe.webhooks.constructEvent(
req.body,
sig,
functions.config().stripe.webhooks.account.update.test
);
} catch (err) {
const message = `❌ Webhook Error: ${err.message}`;
functions.logger.error(message);
res.status(400).send(message);
return;
}
functions.logger.log('STRIPE WEBHOOK EVENT: ', event);
// Handle the event
switch (event.type) {
case 'account.updated': {
const account = event.data.object;
console.log(account);
// Then define and call a function to handle the event account.updated
break;
}
default:
functions.logger.error(`♀️ Unhandled event type ${event.type}`);
}
// Return a 200 res to acknowledge receipt of the event
res.send();
}
);
上面的控制台日志最终为:
2022-04-15T14:16:01.457790660Zapincqt400t2dxo Function execution started
Info
2022-04-15T14:16:01.492Zapincqt400t2dxo ORIGINAL URL: /stripe/webhooks/account/update
Info
2022-04-15T14:16:01.492Zapincqt400t2dxo THIS IS THE WEBHOOK, USING RAW
Info
2022-04-15T14:16:01.494Zapincqt400t2dxo IN STRIPE ACCOUNT UPDATE WEBHOOK
Error
2022-04-15T14:16:01.498Zapincqt400t2dxo ❌ Webhook Error: No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe? https://github.com/stripe/stripe-node#webhook-signing
Debug
2022-04-15T14:16:01.512803969Zapincqt400t2dxo Function execution took 55 ms. Finished with status: response error
我还通过控制台记录了我的 stripe webhook 秘密,以确保它在那里并且是正确的。
此外,我对秘密进行了硬编码,结果仍然相同。
有人看到这里有什么问题吗?
这是一个常见问题。如果您确定秘密是正确的,那么某些东西正在修改入站请求 body。您需要原始 body。查看 this Github issue 了解常见的解决方案。
被这个错误困扰了一段时间,我已经按照 github 上的 stripes 文档和 express 示例进行了操作,但仍然没有成功。
我在 Firebase 函数中使用 express:
export const app = express();
/* -------------------------------------------------------------------------- */
/* Middleware */
/* -------------------------------------------------------------------------- */
app.use(cors({ origin: true }));
app.use(favicon(__dirname + '/public/favicon.ico'));
app.use(helmet());
app.use(
(
req: express.Request,
res: express.Response,
next: express.NextFunction
): void => {
functions.logger.log('ORIGINAL URL:', req.originalUrl);
if (req.originalUrl === '/stripe/webhooks/account/update') {
functions.logger.log('THIS IS THE WEBHOOK, USING RAW');
next();
} else {
express.json({ strict: false })(req, res, next);
}
}
);
// #####################################################################
app.post(
'/stripe/webhooks/account/update',
express.raw({ type: 'application/json' }),
(req: express.Request, res: express.Response): void => {
functions.logger.log('IN STRIPE ACCOUNT UPDATE WEBHOOK');
const sig = req.headers['stripe-signature'];
let event: Stripe.Event;
try {
event = stripe.webhooks.constructEvent(
req.body,
sig,
functions.config().stripe.webhooks.account.update.test
);
} catch (err) {
const message = `❌ Webhook Error: ${err.message}`;
functions.logger.error(message);
res.status(400).send(message);
return;
}
functions.logger.log('STRIPE WEBHOOK EVENT: ', event);
// Handle the event
switch (event.type) {
case 'account.updated': {
const account = event.data.object;
console.log(account);
// Then define and call a function to handle the event account.updated
break;
}
default:
functions.logger.error(`♀️ Unhandled event type ${event.type}`);
}
// Return a 200 res to acknowledge receipt of the event
res.send();
}
);
上面的控制台日志最终为:
2022-04-15T14:16:01.457790660Zapincqt400t2dxo Function execution started
Info
2022-04-15T14:16:01.492Zapincqt400t2dxo ORIGINAL URL: /stripe/webhooks/account/update
Info
2022-04-15T14:16:01.492Zapincqt400t2dxo THIS IS THE WEBHOOK, USING RAW
Info
2022-04-15T14:16:01.494Zapincqt400t2dxo IN STRIPE ACCOUNT UPDATE WEBHOOK
Error
2022-04-15T14:16:01.498Zapincqt400t2dxo ❌ Webhook Error: No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe? https://github.com/stripe/stripe-node#webhook-signing
Debug
2022-04-15T14:16:01.512803969Zapincqt400t2dxo Function execution took 55 ms. Finished with status: response error
我还通过控制台记录了我的 stripe webhook 秘密,以确保它在那里并且是正确的。
此外,我对秘密进行了硬编码,结果仍然相同。
有人看到这里有什么问题吗?
这是一个常见问题。如果您确定秘密是正确的,那么某些东西正在修改入站请求 body。您需要原始 body。查看 this Github issue 了解常见的解决方案。